A Flow-Level Taxonomy and Prevalence of Brute Force Attacks

Authors

VYKOPAL Jan

Year of publication 2011
Type Article in Proceedings
Conference Advances in Computing and Communications
MU Faculty or unit

Institute of Computer Science

Citation
www http://dx.doi.org/10.1007/978-3-642-22714-1_69
DOI http://dx.doi.org/10.1007/978-3-642-22714-1_69
Field Informatics
Keywords netflow; taxonomy; prevalence; brute force attack; SSH
Description Online brute force and dictionary attacks against network services and web applications are ubiquitous. We present their taxonomy from the perspective of network flows. This contributes to clear evaluation of detection methods and provides a better understanding of brute force attacks within the research community. Next, we utilize the formal definitions of attacks in a long-term analysis of SSH traffic from a 10 gigabit university network. The results show that flow-based intrusion detection may profit from traffic observation of the whole network; in particular, it can allow more accurate detection of the majority of brute-force attacks in high-speed networks.